Concerns over police reliance on phone data extraction technology

17th Feb 2022

Police routinely use the data extraction technology Cellebrite to obtain data from mobile phones for their investigations. But there could be problems with relying on this hi-tech digital scanning tool to collect evidence to present in court.

There are growing concerns about the technology, with some experts claiming the software may have security flaws. These vulnerabilities could result in falsified data slipping into police investigations.

What is Cellebrite software?

The Israeli technology Cellebrite is used to instantly extract messages, photos and other information from mobile phones. It is a valuable tool for police, enabling them to explore a suspect’s connections or trace evidence of criminal activities.

How does Cellebrite work?

It takes just a few seconds for police to scan a mobile phone with technology such as Cellebrite. They usually download the entire contents of the phone and gain an enormous level of intelligence.

Police can scan a device during a stop and search on reasonable grounds, while patrolling in a vehicle, or while questioning a suspect – often without the knowledge of the person. Usually they are seeking confirmation of drug dealing, child sexual abuse, murder or gang activity involving assault or robbery.

Code able to be planted to take over scan and rewrite data

According to the founder of Signal, Moxie Marlinspike, ‘the technology has ‘more than 100 security vulnerabilities that could be exploited to manipulate data’ during its extraction from mobile phones. Marlinspike claims faults in the surveillance tool ‘make it easy for anyone to plant code on a phone that would take over Cellebrite’s hardware if it was used to scan the device. It would not only be able to silently affect all future investigations, but also rewrite the data … saved from previous analyses.’[i]

Can Cellebrite evidence be relied on in court?

Apart from questions of breaching privacy, I have seen people charged over messages they had cc’d to other people’s phones. In my experience, defendants usually plead guilty when confronted with evidence gleaned from their mobile phone.

But there could be defences mounted based on possible faults in the technology. In the US, a defence attorney is challenging a conviction that relied on Cellebrite evidence.[ii]

Cellebrite software widely used to convict criminals

A quick search of the word Cellebrite in the Austlii site of Australian court judgments reveals that many law enforcement officers rely on this technology to secure convictions.

One such case led to a murder conviction, after data gathered by a digital scan revealed the defendant had boasted to a friend that he had ‘anked’ the victim.[iii]

Before submitting evidence gleaned from surveillance technology such as Cellebrite, law enforcement needs to be certain it can be relied upon. If the software is suspected of being faulty, this could result in a miscarriage of justice.

For information on the powers of the police to access computers, please see New laws extend police power to hack suspects’ personal computers and What do new critical infrastructure laws mean for Australian businesses?

This is an edited version of an article first published by Stacks Law Firm.

John Gooley is a lawyer practising across criminal, family and employment law and associated commercial matters at Stacks Collins Thompson. He enjoys Legal Aid briefs and duty work, as well as defended hearings, special fixtures and severity appeals. John has experience in the regulation of advertising and its content, NSW local government planning and licensing and CTTT matters, as well as HREOC and NSW ADB actions. He has wide-ranging experience in both the federal and state employment jurisdictions, and is a life member of the NSW Public Service Professional Officers Association. John served with the 1st Commando Regiment as a young man, and is now a member of and former legal adviser to the 1st Commando Regiment Association. He spent many years in federal law enforcement, intelligence and legal areas including drug, crime, revenue fraud and money laundering matters, in both the federal and state jurisdictions, before entering private practice in 2002.

The views and opinions expressed in this article are the author's and do not necessarily represent the views and opinions of the Australian Lawyers Alliance (ALA).

Learn about how you can get involved and contribute an article

[i] A Hern, The Guardian, ‘Signal founder: I hacked police phone-cracking tool Cellebrite 23 April 2021

Tags: technology Evidence John Gooley